Ransomware Group: QILIN

VICTIM NAME: envac[.]es

NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the QILIN Onion Dark Web Tor Blog page.

AI Generated Summary of the Ransomware Leak Page

The leak page provides information about a cybersecurity incident involving Envac Iberia SA, a company operating within the Waste Treatment, Environmental Services, and Recycling industry. The attack was identified on August 1, 2025, although the breach is believed to have occurred on the same date. This company is based in Barcelona, Catalonia, Spain, and has an employee count between 20 and 49, with reported revenues ranging from five to ten million euros. The page features a screenshot that appears to display internal documents or data, indicating the release of potentially sensitive information linked to the organization. Download links are present, suggesting that leaked data or files are accessible for download, which could include confidential business information. The content aims to inform the public and stakeholders about the recent security incident affecting the company, emphasizing its industry, geographic location, and the potential data exposure.

As part of the leak, the cybersecurity group “qilin” claims responsibility for the breach, published via a dedicated dark web site. The leak page includes a claim URL, external to the main site, providing further details about the incident. The included screenshot offers visual insight into the nature of the data that may have been compromised, though no explicit sensitive information like PII or personal data is detailed publicly. The attack appears to be part of a wider campaign targeting organizations in environmental and waste management services. Overall, the leak highlights the ongoing risks faced by companies in this sector and the importance of cybersecurity measures to prevent unauthorized data access and disclosure.